This privacy notice describes how ODDITY LABS, LLC. (“ODDITY LABS”, “we”, “us” or “our”) collects, uses, shares, and protects personal information. It also tells you about the rights and choices you have with respect to your personal information, and how you can reach us to get answers to your questions.
What Our Privacy Notice Covers
This privacy notice covers the “personal information” that ODDITY LABS obtains about you in various contexts, both online and offline, including when you visit our websites (“Sites”), communicate with us, or participate in any of our programs or events. This Privacy Notice does not cover ODDITY LABS’s processing of personal information relating to job applicants, employees or other staff members. Our Sites may include links to third party websites and/or applications. Please note that we have no control over the privacy practices of websites or applications that we do not own, and we encourage you to review the privacy notices of these third party websites.
What We Collect
We obtain information about you from a variety of sources depending on our relationship with you. The following are examples of the types of personal information that we collect:
Account Registration; When you create an account with us or join our loyalty program, we collect your name, e-mail address, login details and location. You can choose to save certain information in your account to use for future purchases, such as your shipping addresses.
Waiting List; When you choose to be a part of any of our waiting lists, we collect your e-mail address.
Communications With Us; When you communicate with us, including contacting us for support, to provide feedback or comments, to participate in a survey, or to make a request or other inquiry, we will collect your name and contact information (such as e-mail address or phone number), as well as any other information that you choose to provide to us. In some cases, we record customer service calls for quality assurance.
Posting in Public Forums; If you choose to submit or post information, reviews or photos in a public space on our Sites, or on our social media pages, such as creating a public profile, rating our products, submitting content as part of ODDITY LABS’s online community, or leaving a testimonial about an ODDITY LABS influencer, we collect the information you share.
Promotional Communications; When you sign up to receive promotional communications from us, such as e-mail communications, mobile messages (including text and/or push notifications), and postal mailings, we collect your contact information. We may also collect certain information about how you interact with the e-mails and promotional messages we send you.
Referral/Promotional Programs; When you sign up to any of our promotional programs, we collect your name and email address, as well as the email address of any persons you refer.Purchasing Online When you place an order for a product or service on our Sites, we collect your name, shipping address, payment information, and billing address.
Sweepstakes, Contests, and Promotions; When you participate in a sweepstakes, contest, or other similar campaign or promotion, we collect your name, contact information, and in some cases limited demographic information and content generated by participants. Some campaigns and promotions have a social networking component where you can choose to submit additional information such as social media profiles and handles, photographs, and other content.
In addition to the personal information we collect from you directly, we may also obtain information about you from other sources, including third parties, business partners (e.g., salon owners or distributors), our corporate affiliates (i.e., other entities in the ODDITY LABS group), social networks, vendors that provide services on our behalf, or publicly available sources. For example, if you have given ODDITY LABS permission to store your credit card information and your credit card issuer provides an account updater service, we may receive updated credit card information (including credit card number and expiration date) from the credit card issuer.
Information we collect automatically
When you visit our Sites, we may obtain certain information by automated means, such as through cookies, web beacons, web server logs and other technologies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an internet tag, pixel tag or clear GIF, links web pages to web servers and cookies and may be used to transmit information collected through cookies back to a web server. The information we collect in this manner may include your device IP address, unique device identifier, web browser characteristics, device characteristics, operating system, language preferences, referring URLs, media access control, clickstream data, and dates and times of website visits. We may use these automated technologies on our Sites to collect information about your equipment, browsing actions, and usage patterns. These technologies help us (1) remember your information so you do not have to re-enter it; (2) track and understand how you use and interact with our Sites; (3) tailor the Sites around your preferences; (4) measure the usability of our Sites and the effectiveness of our communications; and (5) otherwise manage and enhance our products and services, and help ensure they are working properly. Your browser may tell you how to be notified about certain types of automated collection technologies and how to restrict or disable them. Please note, however, that without these technologies, you may not be able to use all of the features of our Sites. For mobile devices, you can manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.
How We Use Your Personal Information
We use personal information when required in order for us to perform our contract with you, or take steps to form a contract with you, such as to: provide our products and services; fulfill your requests, such as to provide you with products and services or to process returns; and communicate with you about your orders and/or subscriptions. We also use your information in order to pursue our legitimate interests in offering you the best service and customer experience possible, securing our website and customers, and running our business efficiently. For example, we process your information to: assess your hair or wellness needs and send you content that is useful in your hair or wellness journey, including product recommendations; maintain your account, including offering functionalities such as easy checkout and the ability to save user preferences and transaction history; provide our promotional or referral programs and other loyalty schemes or programs; respond to and/or follow-up on your issues or feedback, and provide information in response to your requests and inquiries; identify you when you visit our Sites; conduct research and analytics, including improving our services and product offerings; understand your opinions and provide a forum for discussion, questions, posting of photos and reviews, and sharing of experiences; provide and maintain the functionality of our Sites, including identifying and repairing errors or problems; detect security incidents, and investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including attempts to manipulate or violate our policies, procedures, and terms and conditions; support core business functions, including maintaining records related to business process management and loss and fraud prevention, and collect amounts owing to us; and establish or exercise our legal rights, and defend ourselves against legal claims.
With your permission, we also use your information so that we can send you emails and text messages about marketing and advertising communications and other promotional materials such as trend alerts, promotions, sweepstakes, contests, new product launches, and event invitations, and understand how you interact with our communications with you. Additional updates may include Checkout Reminders. Webhooks will be used to trigger the Checkout Reminders messaging system.
If you are an individual located in the European Union or United Kingdom, we will not send you marketing and advertising material without your prior consent, unless otherwise permitted to do so by applicable law. In addition, we will only use general health and wellness information that we collect for the purposes of recommending products and treatments, when we have your consent to do so, or are otherwise permitted to do so by applicable law.
Finally, we use your information when necessary in order to comply with and enforce applicable legal requirements, relevant industry standards and ODDITY LABS policies, including our Terms & Conditions. We also may use the information we collect in other ways for which we provide specific notice at the time of collection.Typically, we retain your personal information for the period necessary to fulfill the purposes outlined in this privacy notice, unless a longer retention period is required or permitted by law.
Third-Party Analytics Services
We use third-party analytics services on our Sites, such as Google Analytics, Facebook Ads Analytics, and Shopify Reports. The information we obtain through the Sites may be disclosed to or collected directly by these services.
How We Share Your Personal Information
In addition to the specific situations discussed elsewhere in this privacy notice, we disclose personal information in the following circumstances: We may share personal information with our corporate affiliates within the ODDITY LABS group. We also share personal information with our professional advisors, such as our lawyers and accountants. We share certain personal information with third parties that perform services to support our core business functions, Sites, and internal operations (e.g., hosting and securing our Sites, providing web support to our Sites, processing and fulfilling orders, delivering packages, complying with your request for the shipment of products to or the provision of services by a third party intermediary, sending postal mail and emails, analyzing customer data, providing marketing assistance, processing credit card and debit card payments, investigating fraudulent activity, conducting customer surveys, and providing customer service). Some of our Sites have features such as plugins, widgets, or other tools made available by third parties that may result in information being collected or shared between us and the third party. For example, if you use Facebook’s “Like” feature, Facebook may register the fact that you “liked” a product and may post that information on Facebook. Their use of your information is not governed by this privacy notice. We may disclose personal information in response to subpoenas, warrants, court orders, government inquiries or investigations, or to comply with relevant laws and regulations. We may also disclose information to establish, exercise, or protect the rights of our company, employees, agents, and affiliates; to defend against a legal claim; to protect the safety and security of our visitors; to detect and protect against fraud; and to take action regarding possible illegal activities or violations of our policies. We may share personal information with another company that buys some, or all, of the assets or shares of Revela, and that company may use and disclose personal information for purposes similar to what is described in this notice. Revela may also share personal information with prospective purchasers to evaluate the proposed transaction. We may ask if you would like us to share your information with other third parties who are not described elsewhere in this privacy notice.
How We Protect Your Personal Information
We maintain administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized access, destruction, loss, alteration, disclosure or use.
Children’s Privacy: Our Sites are designed for a general audience and are not directed to children. In connection with the Sites, we do not knowingly solicit or collect personal information from children under the age of 16 without parental consent. If we learn that we have collected personal information from a child under age 16 without parental consent, we will either seek parental consent or promptly delete that information. If you believe that a child under age 16 may have provided us with personal information without parental consent, please contact us as specified in the Contact Us page.
You have the following choices regarding your personal information:
Accessing Your Personal Information; You may request access to your personal information by emailing email@example.com. To the extent required by law, upon request, we will grant you access to the personal information we have about you.
Updating Your Information; If you have created an account, you can update your name, e-mail address, security questions, and other preferences by logging into your account and clicking on the “My Account” page. You may also contact us to update your information by emailing firstname.lastname@example.org. If you have given ODDITY LABS permission to store your credit card information and you don’t want merchants like Revela to receive your updated credit card information through your credit card issuer’s account updater service, please contact your card issuer.
Deleting of Your Personal Information; You may, however, request that we delete your personal information by emailing email@example.com. If required by law, we will grant a request to delete information. Please note that in some cases we may be required to retain your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes.
Restrict Processing; Subject to applicable law, you may request that we restrict the use of your personal information in certain circumstances, such as while we consider another request that you have submitted, for example a request that we update your personal information.
Object to Processing; Subject to applicable law, you may request that we cease to process certain personal information where you object to its use, we do not have an overriding legitimate interest in carrying out the processing and it is not necessary for the establishment, exercise or defense of legal claims.
Receiving Communications From Us; You may choose to provide us with your e-mail address for the purpose of allowing us to send you free newsletters, surveys, offers, and other promotional materials. You can stop receiving promotional emails at any time by clicking on the “unsubscribe” link at the bottom of any promotional email that you receive. You can also edit your email preferences by clicking the “manage preferences” link at the bottom of any promotional email.
Data Portability; Subject to applicable law, you may request that we provide a copy of your personal information to you in a structured, commonly used and machine-readable format.
Withdraw Consent; Subject to applicable law, where we rely on your consent for the purposes of our use of your personal information you have the right to withdraw your consent at any time. This will not affect the lawfulness of our use of your personal information prior to your withdrawal of consent.
Removing Content From ODDITY LABS Public Forums; You can request that we remove content or information that you have posted on a public page on some of our Sites by emailing details to Customer Service at firstname.lastname@example.org. Please note that while we will endeavor to honor your request, our removal of your content or information does not ensure complete or comprehensive removal of that information from our Sites. For example, historical copies, or “caches,” may remain. If you are located in the United Kingdom and are unsatisfied with our processing practices or our response to your request, you may lodge a complaint with the Information Commissioner’s Office.
Transfer of Information to Other Countries; ODDITY LABS is located in the United States and our service providers may be located in the United States or other countries. As a result, your personal information may be processed in a foreign country where privacy laws may be less stringent than the laws in your country. By submitting your personal information to us you agree to the transfer, storage and processing of your personal information in a country other than your country of residence including, but not necessarily limited to, the United States.
Communicating With Us; If you have any questions about our privacy or security practices, you can contact ODDITY LABS at:
ATTN: Data Privacy Officer, ODDITY LABS, LLC.
500 W Cummings ParkSuite 2150
Woburn, MA 01801
or at: email@example.com
If we need, or are required, to contact you concerning any event that involves your personal information we may do so by email, telephone, or mail.
Changes to This Policy
We may revise this privacy notice from time to time. We will notify you of material changes by posting a notice of the update on the ODDITY LABS website.
Last updated and effective date: June 6, 2023